Spring Boot(Spring Security)和企业身份验证应用程序之间的CORS

时间:2018-06-18 14:25:36

标签: spring spring-boot spring-security cors

即使在设置了所需的标头后,我也遇到了CORS问题,例如Access-Control-Allow-Originhttp://localhost:4200Access-Control-Allow-Credentialstrue等等。

Response from previous request:
HTTP/1.1 302 Found 
Access-Control-Allow-Credentials: true 
Access-Control-Allow-Headers: Special-Response-Header, Header2 
Access-Control-Allow-Origin: http://localhost:4200 
Access-Control-Expose-Headers: Special-Response-Header, Header2 
Access-Control-Max-Age: 3600 
Access-Control-Request-Headers: Special-Response-Header, Header2 
Cache-Control: no-cache, no-store, max-age=0, must-revalidate 
Content-Length: 0 Date: Mon, 18 Jun 2018 13:03:46 GMT 
Expires: 0 
Location: <<Replace with Org Authentication URL>> 
Origin: http://localhost:4200 
Pragma: no-cache 
Set-Cookie: dtCookie=8$C38554BBC14802D7BCFE9A5E047AA962;domain=rbc.com;path=/ Set-Cookie: JSESSIONID=26A7EB71BD36D31EFE6A701320DFA0C3;path=/;Secure;HttpOnly Set-Cookie: __VCAP_ID__=0a838736-ad8b-40b9-4aa5-e972; Path=/; HttpOnly; Secure Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Vcap-Request-Id: 61cc9d4e-29ba-4b11-7f0b-82ec01cbc0a6 X-Xss-Protection: 1; mode=block

当前请求:

GET <<Replace with Org Authentication Get method params>> 
HTTP/1.1 
Host: mrkdlvaiaas493.devfg.rbc.com:9443 
Connection: keep-alive 
Accept: application/json, text/plain, */* 
Origin: null 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36 Referer: http://localhost:4200/startBatch/2018-04-27 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9

错误:

Failed to <<Replace with Org Authentication URL>>: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

1 个答案:

答案 0 :(得分:0)

尝试声明这样的bean :(以启用cors)

@Configuration
public class SecurityBasicConfigurations {

  @Bean
  public WebMvcConfigurer corsOriginConfigurer() {
    return new WebMvcConfigurer() {
        @Override
        public void addCorsMappings( CorsRegistry registry ) {
            registry.addMapping( "/*" )
                    .allowedMethods( "*" )
                    .allowedOrigins( "http://localhost:4200" )
                    .allowedHeaders( "*" );
        }
    };
  }

}
相关问题
最新问题